[March 15th-19th] Build, Break, Secure (Live remote)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?


You will perform a lot of lab sessions, including: programming a PLC in ladder logic, analyzing network captures of ICS protocols, perform Modbus (serial & tcp) requests, using Metasploit to compromise a Windows host and gather sensitive information from an Active Directory, and much more! The last half-day is dedicated to the Capture-the-Flag, in which you will apply the newly acquired techniques to compromise a corporate network, pivot to the ICS network and take control of the process to capture a flag with a robotic arm.
Moreover, the training doesn’t stop on the second day! With the WhiskICS training kit, you’ll be able to redo all the exercises after the training and continue experimenting with ICS security on your own.

Video presentation of the training

Course outline

The course is composed of the following modules:

[BUILD] Introduction to ICS

[BUILD] Introduction to the case study and the WhiskICS student kit

[BUILD] Automation Basics & programming PLC

[BUILD/BREAK] ICS protocols

[BREAK] Hacking the process

[BREAK] Attacking the non-ICS part of the PLC

[BREAK] PLC proprietary protocols

[SECURE] An introduction to safety

[BUILD] Process supervision: SCADA and DCS

[BREAK] Linking to corporate environments: Windows & Active Directory security

[BREAK] SCADA/DCS specific vulnerabilities

[BUILD] Industry 4.0 & IIoT

[SECURE] ICS cybersecurity general approach

[SECURE] Data exchange between ICS and the outside world

[BREAK] ICS security assessments

[BREAK] CTF

The Labs

This training is heavily hands-on. As an attendee, you’ll be able to download 3 virtual machines specifically configured for the exercises.

All the exercises are also covered in video:

Exercise: Programming a PLC

Exercice: Packet capture analysis

The CTF

To end the training, the Capture The Flag is always the most fun!

You’ll connect your VM to a VPN, and will have to compromise a Windows corporate environment, pivot to the ICS network and hack it in order to capture the flag!

The CTF setup is composed of real ICS components (Schneider & Siemens PLCs, Schneider SCADA software…) and will get a remote access to the setup and a video stream of the physical process so you can check if your attacks are working 🙂

What is included in the training?

The training will be taught remotely, live over a Zoom meeting (you can use the web version, no need to install anything to your computer).

The training will take place from Monday 15th to Friday 19th, each day from 2PM to 6PM CET (that’s 8 AM – 12 AM EST). Spreading the training over half-days is meant to be easier to fit into attendees agenda and to allow participant from different time zones.

By registering for this training, you’ll also get 30 days access to the online platform, including videos, the lab and CTF environments.

Target audience

This training aims at bridging the gap between IT and ICS: it is designed to allow OT professionals to understand the security challenges of ICS with an offensive mindset, while allowing IT professionals to discover the world of Industrial Control Systems and adapt their cybersecurity knowledge to this new world.

The training is heavily hands-on. While no ICS or pentest knowledge is required, it is recommended for attendees to have basic networking and computers skills (using virtual machines, the command line, understanding TCP/IP…).

Attendees need to bring a laptop with Virtualbox, capable of running 64-bits virtual machines (8GB RAM & 50GB free disk space recommended).

This training is not suited for people that already have a strong ICS cybersecurity technical experience.

Pricing and registration

The standard price for the remote, live training + 30-day access to the elearning is 2500 € VAT excluded for each participant.

We have a specific discount for the launch of training, price is reduced to 2000€ VAT excluded until January 31st !

Payment by wire transfer is preferred, get in touch with us at contact@rs-formation-conseil.fr

If you are interested to buy access for several employees, please get in touch for volume discount

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: